Inside Kimsuky’s Latest Cyberattack: Analyzing Malicious Scripts and Payloads

SUMMARY :

Kimsuky, also known as “Black Banshee,” a North Korean APT group active at least from 2012, is believed to be state-sponsored. Their cyber espionage targets countries like South Korea, Japan, and the U.S. Their tactics include phishing, malware infections (RATs, backdoors, wiper malware), supply chain attacks, lateral movement within networks and data exfiltration.

OPENCTI LABELS :

kimsuky,chrome,rats,zip file,firefox,file,edge,naver whale,c2 command,black banshee,apt group,64677cae14a2ec4d393a81548417b61b


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Inside Kimsuky’s Latest Cyberattack: Analyzing Malicious Scripts and Payloads